CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2010-4798

Directory traversal vulnerability in index.php in OrangeHRM 2.6.0.1 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the uri parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.012

EPSS Ranking 78.3%

CVSS Severity

CVSS v2 Score 6.8

References

http://www.exploit-db.com/exploits/15232
http://www.securityfocus.com/bid/43905
https://exchange.xforce.ibmcloud.com/vulnerabilities/62388
http://www.exploit-db.com/exploits/15232
http://www.securityfocus.com/bid/43905
https://exchange.xforce.ibmcloud.com/vulnerabilities/62388

Products affected by CVE-2010-4798

Orangehrm » Orangehrm » Version: 2.6.0.1

cpe:2.3:a:orangehrm:orangehrm:2.6.0.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2010-4798

Products

Pricing

Contact Us